AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add config option to exclude fields from auth providers sync

This commit is contained in:
Frédéric Guillot 2017-11-28 16:29:49 -08:00
parent 436673247f
commit 6d2076e859
5 changed files with 24 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Core/User/UserProperty.php
View File

@ -44,7 +44,7 @@ class UserProperty
*/
public static function filterProperties(array $profile, array $properties)
{
$excludedProperties = array('username');
$excludedProperties = explode_csv_field(EXTERNAL_AUTH_EXCLUDE_FIELDS);
$values = array();
foreach ($properties as $property => $value) {

3
app/constants.php
View File

@ -149,3 +149,6 @@ defined('HTTP_VERIFY_SSL_CERTIFICATE') or define('HTTP_VERIFY_SSL_CERTIFICATE',
defined('TOTP_ISSUER') or define('TOTP_ISSUER', 'Kanboard');
defined('PROJECT_ACTIVITIES_MAX_EVENTS') or define('PROJECT_ACTIVITIES_MAX_EVENTS', 10000);
// Comma separated list of fields to not synchronize when using external authentication providers
defined('EXTERNAL_AUTH_EXCLUDE_FIELDS') or define('EXTERNAL_AUTH_EXCLUDE_FIELDS', 'username');

3
config.default.php
View File

@ -240,3 +240,6 @@ define('TOTP_ISSUER', 'Kanboard');
// Maximum number of events stored in the table "project_activities"
define('PROJECT_ACTIVITIES_MAX_EVENTS', 10000);
// Comma separated list of fields to not synchronize when using external authentication providers
define('EXTERNAL_AUTH_EXCLUDE_FIELDS', 'username');

7
doc/en_US/config.markdown
View File

@ -1,4 +1,4 @@
Config file
Config File
===========
You can customize the default settings of Kanboard by adding a file `config.php` at the project root or in the `data` folder.
@ -273,7 +273,7 @@ define('LOG_FILE', __DIR__.DIRECTORY_SEPARATOR.'data'.DIRECTORY_SEPARATOR.'debug
```
Brute-force protection
---------------------
----------------------
```php
// Enable captcha after 3 authentication failure
@ -338,4 +338,7 @@ define('TOTP_ISSUER', 'Kanboard');
// Maximum number of events stored in the table "project_activities"
define('PROJECT_ACTIVITIES_MAX_EVENTS', 10000);
// Comma separated list of fields to not synchronize when using external authentication providers
define('EXTERNAL_AUTH_EXCLUDE_FIELDS', 'username');
```

12
doc/en_US/ldap-authentication.markdown
View File

@ -194,6 +194,18 @@ Just change the value of `LDAP_ACCOUNT_CREATION` to `false`:
define('LDAP_ACCOUNT_CREATION', false);
```
Synchronization
---------------
By default, Kanboard will synchronize all fields (role, name, email...) except the username.
If you would like to change this behavior, use this config parameter:
```bash
// This example will not synchronize the fields "username" and "role" from LDAP to Kanboard.
define('EXTERNAL_AUTH_EXCLUDE_FIELDS', 'username,role');
```
Troubleshooting
---------------